diff --git a/source/development/index.rst b/source/development/index.rst index 4b6afaab0..f28ed424a 100644 --- a/source/development/index.rst +++ b/source/development/index.rst @@ -21,6 +21,7 @@ As Chill rely on the `symfony `_ framework, reading the fram Access control model Messages to users Localisation + Logging Database migrations Searching Timelines diff --git a/source/development/logging.rst b/source/development/logging.rst new file mode 100644 index 000000000..5cace02c7 --- /dev/null +++ b/source/development/logging.rst @@ -0,0 +1,50 @@ +.. Copyright (C) 2016 Champs Libres Cooperative SCRLFS + Permission is granted to copy, distribute and/or modify this document + under the terms of the GNU Free Documentation License, Version 1.3 + or any later version published by the Free Software Foundation; + with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. + A copy of the license is included in the section entitled "GNU + Free Documentation License". + + +Logging +******* + +.. seealso:: + + Symfony documentation: `How to user Monolog to write logs `_ + The symfony cookbook page about logging. + + +A channel for custom logging has been created to store sensitive data. + +The channel is named ``chill``. + +The installer of chill should be aware that this channel may contains sensitive data and encrypted during backup. + +Logging to channel `chill` +============================ + +You should use the service named ``chill.main.logger``, as this : + +.. code-block:: php + + $logger = $this->get('chill.main.logger'); + +You should store data into context, not in the log himself, which should remains the same for the action. + +Example of usage : + +.. code-block:: php + + $logger->info("An action has been performed about a person", array( + 'person_lastname' => $person->getLastName(), + 'person_firstname' => $person->getFirstName(), + 'person_id' => $person->getId(), + 'by_user' => $user->getUsername() + )); + +For further processing, it is a good idea to separate all fields (like firstname, lastname, ...) into different context keys. + +By convention, you should store the username of the user performing the action under the ``by_user`` key. + diff --git a/source/installation/index.rst b/source/installation/index.rst index d869f22c8..3d168fb80 100644 --- a/source/installation/index.rst +++ b/source/installation/index.rst @@ -28,7 +28,7 @@ Usage in production .. toctree:: :maxdepth: 2 - How to install the software + Installation in production Update Chill and maintenance ============================== diff --git a/source/installation/install_production_webserver.rst b/source/installation/install_production_webserver.rst index c7ada3700..dd2ff20cc 100644 --- a/source/installation/install_production_webserver.rst +++ b/source/installation/install_production_webserver.rst @@ -14,4 +14,14 @@ Install production webserver .. todo:: the section "Install production webserver" must be written. Help appreciated :-) - \ No newline at end of file + +.. warning:: + + Some sensitive data (like the person data, ...) might be logged in a special channel, called ``chill``. + + This channel will log events like items removed by a user, what where the details of this item, who removed it, ... + + You should take care of encrypting or discarding those data if required. + + For an how-to of how to encrypt those data, you may consult `the appropriate section of the symfony documentation `_ +